How are AETs bypassing your current network security?

2 min read.

News Article
1 December 2017

Whilst the industry has known about Advanced Evasion Techniques for some time now (we’ve all heard of WannaCry…), it is still surprising to see that the results for NSS Labs’ most recent NGFW test in 2017 show that on average, only 67% of AETs are detected and blocked by next gen firewall devices. Pleasing however, to see that NETprotocol’s chosen technology has the highest protection rate of 99.95% effective.

With GDPR compliance a hot topic for law firms at present, network vulnerabilities have to be addressed. Without doing this, how can compliance be achieved? As no matter what measures are taken, your data won’t be secure.

And That’s Just the Beginning…

Cyberattackers can use these sorts of tricks across different layers of the network stack and can dynamically shift from one to another. Multiple evasions are often used together, resulting in millions of possible combinations. An effective AET defense makes it possible for inspection engines within network security devices, to see the malicious code and take appropriate actions.

How To Defend Against AETs 

First things first, you need to assess your network security posture, so that you can see whether your security controls are up to the task of blocking emerging advanced threats. This is easier than you may think – with Forcepoint’s free software based testing environment for evasions, which allows you to see how well your firewalls and intrusion preventions systems (IPSs) defend against these threats.

Evader runs in both virtual and physical environments. It includes two static exploits and a controlled set of dynamic AETs and through using this tool, it becomes immediately obvious whether or not your network security device is protecting against AETs.

Forcepoint NGFW pioneered AET defenses and has spent years honing their firewall to provide unrivalled effectiveness in defeating evasions through their global research team, which is continuously on the lookout out for new threats to detect and new ways to protect clients worldwide.